Source: Kaspersky (securelist.com)

Feb 21, 2018

Microsoft Office was a prime target for attacks in 2017. As well as the large number of vulnerabilities discovered and proof-of-concept exploits published, malware authors felt it necessary to prevent detection of ‘one-day’ and ‘old-day’ exploits by antivirus software. It also became clear that using RTF parsing features and peculiarities are no longer enough to effectively evade detection. Alo...

Source: Kaspersky (securelist.com)

Feb 20, 2018

Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Our private reports subscription customers receive a steady stream of YARA, IOC, and reports on Sofac...

Source: Ars Technica Security RSS

Feb 17, 2018

Enlarge / This may become the new default imagery for Spectre and Meltdown around Intel. (credit: Brian Turner / Flickr)
In its annual SEC filing, Intel has revealed that it's facing 32 lawsuits over the Spectre and Meltdown attacks on its processors. While the Spectre problem is a near-universal issue faced by modern processors, the Meltdown attack is specific to processors from Intel and A...

Source: Kaspersky (securelist.com)

Feb 15, 2018

Figures of the year
The share of spam in mail traffic came to 56.63%, down 1.68% against 2016.
The biggest source of spam remains the US (13.21%).
40% of spam emails were less than 2 KB in size.
The most common malware family found in mail traffic was Trojan-Downloader.JS.Sload
The Anti-Phishing system was triggered 246,231,645 times.
9% of unique users encountered phishing
Global events in s...

Source: Veracode.com

Feb 15, 2018

The shift to DevOps and DevSecOps has already happened, it's only a question of when we all catch up. Organizations in all industries are creating software not only faster, but also more precise, collaborative, and incremental ways than ever before. In fact, we’ve seen the shift in our own customer base, where the percentage of applications scanned for security on a weekly basis jumped 50 perc...

Source: Kaspersky (securelist.com)

Feb 14, 2018

Introduction
Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind: jackpotting. If there is one region in the world where these attacks have achieved highly professio...

Source: Veracode.com

Feb 14, 2018

Speed rules in software development today. The DevOps model means getting newer, better, faster into the hands of customers as quickly as possible is the name of the game. But where does that leave security? If it’s not done right -- overlooked or worked around. Done right -- it’s embedded into the software development process from day one, unobtrusively checking for and removing vulnerabiliti...

Source: Kaspersky (securelist.com)

Feb 13, 2018

In October 2017, we learned of a vulnerability in Telegram Messenger’s Windows client that was being exploited in the wild. It involves the use of a classic right-to-left override attack when a user sends files over the messenger service.
Right-to-left override in a nutshell
The special nonprinting right-to-left override (RLO) character is used to reverse the order of the characters that come a...